Does this skill automate the scanning process?

It provides detailed instructions for configuring automated scans in Burp Professional while also offering manual testing workflows for Community users.

Can I use this skill with the Burp Suite Community Edition?

Yes, the skill provides comprehensive guidance for both Community and Professional editions, highlighting features like the Proxy, Repeater, and Decoder available in both.

How do I handle HTTPS traffic with this skill?

The skill includes troubleshooting steps for installing Burp's CA certificate to enable seamless interception of encrypted HTTPS traffic.

Is it safe to use this skill on any website?

No, the skill explicitly includes guardrails advising users to only test authorized applications and to configure scope to prevent accidental out-of-scope testing.

What kind of vulnerabilities can I find using this guidance?

The skill covers testing for SQL injection, Cross-Site Scripting (XSS), path traversal, command injection, and business logic flaws like price manipulation.

Burp Suite Web Application Testing

Name: Burp Suite Web Application Testing
Author: claudiodearaujo

byclaudiodearaujo

0•

Seguridad y Pruebas

Executes comprehensive web application security testing and vulnerability scanning using Burp Suite's integrated toolset.

This skill provides a systematic approach to web application security auditing by leveraging the core features of Burp Suite. It guides users through the entire penetration testing lifecycle, from initial traffic interception and manual request manipulation with Repeater to automated vulnerability scanning and sophisticated brute-force attacks with Intruder. Whether you are testing business logic, looking for SQL injection, or documenting API history, this skill offers best practices and step-by-step instructions to ensure thorough security coverage and reliable proof-of-concept development.

Características Principales

01HTTP traffic interception and manual request modification

02Comprehensive vulnerability scanning and security auditing workflows

03Manual request replay and manipulation using Burp Repeater

04Advanced automated payload attacks with Burp Intruder

05Target scope management and site mapping for focused testing

060 GitHub stars

Casos de Uso

01Identifying and exploiting common web vulnerabilities like SQLi and XSS

02Testing e-commerce business logic by manipulating transaction parameters

03Auditing REST and GraphQL API security by capturing and replaying requests

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front burp-suite-testing

For use in Claude.ai and ChatGPT

Download Skill